Security is the condition of being protected
against danger or loss. In the general sense, security is a concept
similar to safety. The
nuance between the two is an added emphasis on being protected from
dangers that originate from outside. Individuals or actions that
encroach upon the condition of protection are responsible for the
breach of security.

The word "security" in general usage is
synonymous with "safety," but as a technical term "security" means
that something not only is secure but that it has been secured. In
telecommunications,
the term security has the following meanings:

A condition that results from the establishment and maintenance
of protective measures that ensure a state of inviolability from
hostile acts or influences.

With respect to classified matter, the condition that prevents
unauthorized persons from having access to official information that is
safeguarded in the interests of national
security.

Measures taken by a military unit, an activity or installation
to protect itself against all acts designed to, or which may,
impair its effectiveness.

Security has to be compared and contrasted with
other related concepts: Safety, continuity,
reliability. The key
difference between security and reliability is that security must
take into account the actions of active malicious agents attempting
to cause destruction.

Perceived security compared to real security

It is very often true that people's perception of
security is not directly related to actual security. For example, a
fear of flying is much more common than a fear of driving; however,
driving is generally a much more dangerous form of transport. The
tool may be mistaken for the effect, for example when multiple
computer
security programs interfere with each other, the user assumes
the computer is secure when actual security has vanished.

Another side of this is a phenomenon called
security
theatre where ineffective security measures such as screening
of airline passengers based on static databases are introduced with
little real increase in security or even, according to the critics
of one such measure -
Computer Assisted Passenger Prescreening System - with an
actual decrease in real security.

Additionally, however, sometimes if it is
perceived that there is security then there will be an increase in
actual security, even if the perception of security is mistaken.
Sometimes a sign may warn that video surveillance is covering an
area, and even if there is no actual visual surveillance then some
malicious agents will be deterred by the belief that there may be.
Also, often when there is actual security present in an area, such
as video surveillance, an alarm system in a home, or an anti-theft
system in a car such as a LoJack, signs advertising this security
will increase its effectiveness, protecting the value of the
secured vehicle or area itself. Since some intruders will decide
not to attempt to break into such areas or vehicles, there can
actually be less damage to windows in addition to protection
of valuable objects inside. Without such advertisement, a car-thief
might, for example, approach a car, break the window, and then flee
in response to an alarm being triggered. Either way, perhaps the
car itself and the objects inside aren't stolen, but with perceived
security even the windows of the car have a lower chance of being
damaged, increasing the financial
security of its owner(s). It is important, however, for signs
advertising security not to give clues as to how to subvert that
security, for example in the case where a home burglar might be more likely to
break into a certain home if he or she is able to learn beforehand
which company makes its security system.

Categorising security

There is an immense literature on the analysis
and categorisation of security. Part of the reason for this is
that, in most security systems, the "weakest link in the chain" is
the most important. The situation is asymmetric since the defender
must cover all points of attack while the attacker need only
identify a single weak point upon which to concentrate.

Assurance
- assurance is the level of guarantee that a security system will
behave as expected

Security management in organizations

In the corporate
world, various aspects of security were historically addressed
separately - notably by distinct and often noncommunicating
departments for IT security, physical security, and fraud
prevention. Today there is a greater recognition of the
interconnected nature of security requirements, an approach
variously known as holistic security, "all hazards" management, and
other terms. Inciting factors in the convergence of security
disciplines include the development of digital video surveillance
technologies (see
Professional video over IP) and the digitization and networking
of physical control systems (see SCADA). Greater
interdisciplinary cooperation is further evidenced by the February
2005 creation of the Alliance for Enterprise Security Risk
Management, a joint venture including leading associations in
security (ASIS), information
security (ISSA, the Information
Systems Security Association), and IT audit (ISACA, the
Information Systems Audit and Control Association).